Cyber Resilience

CVE-2025-12619

High

Published: 03 November 2025

Published
03 November 2025
Modified
05 November 2025
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0016 36.3th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-12619 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda A15 Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 36.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-12619 is a buffer overflow vulnerability affecting the Tenda A15 router on firmware version 15.13.07.13. The flaw resides in the fromSetWirelessRepeat function within the /goform/openNetworkGateway file, where manipulation of the wpapsk_crypto2_4g argument triggers the overflow. It is classified under CWE-119 and CWE-120, with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability enables remote exploitation over the network with low complexity and no user interaction required. Attackers need low privileges, such as those of an authenticated user, to trigger it. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing arbitrary code execution, data compromise, or denial of service on the affected device.

Advisories and details are documented on VulDB (ctiid.330913, id.330913, submit.678888), with an exploit publicly available via a Baidu link and general information on the Tenda website (tenda.com.cn). No specific patch or mitigation steps are detailed in the provided references.

EU & UK References

Vulnerability details

A vulnerability was found in Tenda A15 15.13.07.13. Affected is the function fromSetWirelessRepeat of the file /goform/openNetworkGateway. The manipulation of the argument wpapsk_crypto2_4g results in buffer overflow. The attack can be launched remotely. The exploit has been made public and…

more

could be used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote buffer overflow in the Tenda A15 router's web interface (/goform/openNetworkGateway) enables arbitrary code execution via public-facing application exploitation.

CVEs Like This One

CVE-2026-4567Same product: Tenda A15
CVE-2025-11356Same vendor: Tenda
CVE-2026-2202Same vendor: Tenda
CVE-2025-12232Same vendor: Tenda
CVE-2026-4565Same vendor: Tenda
CVE-2026-7031Same vendor: Tenda
CVE-2026-2137Same vendor: Tenda
CVE-2025-7463Same vendor: Tenda
CVE-2025-10815Same vendor: Tenda
CVE-2025-11385Same vendor: Tenda

Affected Assets

tenda
a15 firmware
15.13.07.13

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SI-10 requires validation of information inputs like the wpapsk_crypto2_4g argument to prevent buffer overflows from manipulated data.

prevent

SI-2 mandates monitoring, identification, and remediation of flaws such as this buffer overflow via firmware patching.

prevent

SI-16 implements memory protection mechanisms like address space layout randomization to mitigate arbitrary code execution from buffer overflows.

References